Active IQ Unified Manager Discussions

OnCommand Unified Manager 6.4RC1 LDAPS certificate install

PierreC
4,961 Views

Hello,

 

I'm currently testing OnCommand Unified Manager 6.4RC1 for Clustered Data ONTAP, appliance vmware version.

 

I would like to enable/use the remote authentication with a LDAP secure.

 

So i set up one of our LDAP server with port 636 and when i try a test authentication i got this error: 

"Unable to communicate with the authentication server due to the following reasons : Client truststore is empty. Please add trusted certificates to the client truststore. Verify your authentication server configuration."

 

I searched in the documentation and the forums, but i don't find how to import/add the certificate.

 

Anyone know the problem and have a solution for me ?

 

(I found something related to OCUM 5.x wit DFM command, but there is no console command in the appliance, just a settings console, or i don't find the way to access it)

3 REPLIES 3

msaravan
4,947 Views

This execption will appear only in the scenario of where you have regenerated the UM server certificate (either self-signed or a thrid party certificate signed by CA).

 

Can you please reboot the vApp once and re-try the ldaps configuration. It should go through.

 

If the above doesnt fix this issue, login to vApp console -> regenerate the self-signed certificate using console options -> reboot the server -> re-try ldaps configuration.

 

IMO, one of the above steps should fix your problem.

 

Regards,

Saravanan

PierreC
4,939 Views

Ok i've restarted the VM, and i get a prompt with the ldap certificate registration.

 

But now i'm facing a new issue, when i'm testing a domain account, it can't be found.

 

It tried in on secure mode or not with ldap server on port 636 and 389, and i have the same error.

 

My ldap settings are like that :

 

Authentication Service = Active Directory

Administrator name = domain\account

Base DN = DC=my, DC=domain, DC=com

Use secure Cnnection = Yes

PierreC
4,900 Views

I'm searching what's going wrong in my settings but i found nothing.

 

I tried to register my DC server (AD Ldap), with short name, fqdn, ip address, with secure mode on port 636 or normal on port 389.

 

But i'm always getting the same error, account not found.

 

I saw one thing on the OCUM console :

 

Network Configuration Menu:
--------------------------
1 ) Display IP Address Settings
2 ) Change IP Address Settings
3 ) Display Domain Name Search Settings
4 ) Change Domain Name Search Settings
5 ) Display Static Routes
6 ) Change Static Routes
7 ) Disable Network Interface
8 ) Enable Network Interface
9 ) Commit Changes
10 ) Ping a Host
11 ) Restore to Default Settings

b ) Back
x ) Exit

Enter your choice: 5

Current Static Routes:
------------------------------------
Interface eth0 routes:
No routes are defined.

 

There is no route is it normal settings ?

 

And, is there anyone using the OCUM package for Windows ?, i would like to know if the LDAP settings is working.

Public